Page tree
Skip to end of metadata
Go to start of metadata

Join WISE for a full day session at the NSF Cybersecurity Summit in Washington DC on August 15th! 

The day will cover: 
• Software Assurance Assessment (Practical software analysis activity lead by Rob Quick)
• Risk Assessment Walkthrough https://wise-community.org/risk-assessment-template/ 
• SCI Assessment Walkthrough https://wise-community.org/sci/ 

Please let  us know if you’re coming so that we can plan an evening activity. 

Session Description:

About WISE:

The WISE (Wise Information Security for collaborating E-infrastructures) community was born as the result of a workshop in October 2015, which was jointly organized by the GÉANT group SIG-ISM (Special Interest Group on Information Security Management) and SCI, the ‘Security for Collaboration among Infrastructures’ group of staff from several large-scale distributed computing infrastructures. All agreed at the workshop that collaboration and trust is the key to successful information security in the world of federated digital infrastructures for research. WISE is an international community with participants spanning North America, Europe, Asia and Australasia.

WISE provides a trusted global framework where security experts can share information on topics such as risk management, experiences about certification processes and threat intelligence. With participants from e-Infrastructures such as EGI, EUDAT, GEANT, PRACE, XSEDE, OSG, NRENs and more, WISE focuses on standards, guidelines and practices, and promotes the protection of critical infrastructure. To date WISE has created four working groups, each tackling different aspects of collaborative security and trust.

The community is currently working on defining a comprehensive security training catalogue (STAA-WG), risk assessment template (RAW-WG), big data best practice guidelines (SBOD-WG) and guidance for assessing an infrastructure against the new version 2 of SCI, the framework established to ease cross-infrastructure information exchange during security incidents (SCIv2-WG).

Target Audience:

We invite security representatives from E-Infrastructures to participate. This includes operational security individuals and policy makers.

Agenda:

We propose a full day with the following tentative agenda, combining informational and interactive activities:

Time

Item

Description

09:00

Introduction to WISE

What is WISE all about? What are we working on?

09:20

Community Projects:

  1. Internet of Things Working Group - Florence Hudson, internet2
  2. Passive Domain Name System (pDNS) Data Project - Doug Pearson, REN-ISAC

We invite members of the WISE community to present their current projects in the security domain.

10:00

Discussion


11:00Coffee

11:15

Software Assurance, hands-on

Practical activity to run assessments on packages distributed by E-Infrastructures, and make assessments. Core software packages will be collected in advance but participants are also encouraged to bring their own samples to assess.

13:00Lunch
14:00

Risk Management, interactive

Participate in a risk assessment activity for infrastructures using the risk template defined by WISE. https://wise-community.org/risk-assessment/

16:00Coffee
16:15

SCI Self Assessment Walkthrough, interactive

Live assessment of multiple infrastructures against version 2 of SCI, the framework for Security for Collaboration among Infrastructures https://wise-community.org/updating-the-sci-framework/

18:00Closing
19:00DinnerA table has been reserved on the patio at Crafthouse, 901 N. Glebe Road.
For those who wish, there is "Trivia" inside from 7:30!

Resources:



  • No labels